Standard Chartered PLC’s general counsel sent emails to the bank’s compliance officer that “embraced a framework for regulatory evasion,” according to the case filed against the bank last Monday by New York’s top financial regulator. The breakdown in corporate governance in this case, as with many others before it, began with what can be described as a disconnect between the legal and compliance departments and their respective interpretations of their obligations to the company.

The roles played by compliance and by legal can and should be different – but the question comes down to whether one trumps the other, who has greater access to (or even inclusion in) upper management and to the board, and whether the board does its homework in considering each department’s recommendations.

“Within financial services firms, where the role of the chief compliance officer is required by regulation, the legal department and the compliance department have fundamentally different mandates and reasons for being. While the general counsel is responsible for guiding the company according to appropriate legal standards, a primary consideration of this function is the legal defense of the company, and often its directors and officers,” said Philip Thomas, manager of consulting firm CompliGlobe’s Asian operations.

“That the chief compliance officer is nearly always subordinate to the general counsel – to the extent that a firm even appoints two separate people rather than dual-hatting the GC – reflects the relative importance of these often incompatible agendas in corporate governance,” Thomas said.

Corporate governance need not present such a conundrum, says John Allan James, executive director for Pace University’s Center for Global Governance, Reporting and Regulation. “The solution rests with the board of directors,” he notes. “If the general counsel interprets a certain course of action as legal – not likely to expose the company to litigation – he or she can find arguments to do so, while still violating the spirit of the laws. If the chief compliance officer has enough independence, authority and access to the board, then the likelihood that a course of action could end up harming the investing public, as well as the firm, will be taken seriously.”

Looking at Standard Chartered as an example, one wonders how much auditing of the general counsel’s alleged decision to work around a U.S. executive order prohibiting U.S. banks from converting Iranian wire transfers into dollars received.

“An effective governance process would have dictated a review of the general counsel’s decision [in the Standard Chartered case] and then some monitoring and testing of that decision, as should happen with all important policies and procedures,” James said. “This type of review typically will enable the firm to ascertain when it a course of action will break the law – which should be the general counsel’s main concern – and when it will break the spirit of the law – a concern often within the compliance officer’s remit.”

The structures for monitoring and testing the decisions of both the general counsel and the compliance officer must be there. But the compliance officer must be invited to the table.

“There are ways to fix the problem,” notes Harvey Pitt, CEO of Kalorama Partners, LLC, a global business consulting firm in Washington, D.C., and former Chairman of the U.S. Securities and Exchange Commission.

Like James, Pitt believes that the effectiveness of a company’s compliance program starts with senior management.

“They have to believe there are no shortcuts to success, and they must inculcate those values in everyone at the firm. Since wanting to do the right thing can only take you so far, companies need to build in systems that provide a measure of protection against potentially troublesome transactions. Red flags must be raised before they are actually consummated.”

At every firm, every department– legal and compliance included — want to get transactions done and revenue generated, Pitt says. But to do so by skirting around the law shows poor management. The firm needs to set the tone, he says. “They need to communicate that what’s required are people of strong moral fiber, excellent and extensive experience, who understand that their mandate is to prevent the firm from getting too close to the line, whether the firm goes over it or not.”

“The chief compliance officer has suffered in a little understood role for years,” notes James. “The events leading up to the financial crisis we are just emerging from, plus passage of the Dodd-Frank Act, have helped the role get more attention, but it’s still a confusing one for many firms,” he says.

Thomas has a solution for better understanding the compliance officer’s primary functions.

“One of the purest conceptions of the role of chief compliance officer is found in Rule 38a-1 of the investment Company Act of 1940. Rule 38a-1 has been very successful in establishing sound compliance practices for mutual funds and restoring public confidence in them following the late trading and market timing scandals of the early 2000s. Mutual fund chief compliance officers are appointed by the board, report directly to the board, have their compensation set by the board, and can only be removed by the board, including a majority of the board’s disinterested directors.”

As Thomas points out, this is one way to make sure the authority of the general counsel “does not interfere with the proper discharge of the compliance function.”